Data Subject Rights
Teleskope's Data Subject Rights feature makes executing Deletion and Access requests simple and automated. Most DSR requests - otherwise known as the Rights to Know, Delete, or be Forgotten - enforce strict timelines as detailed at the bottom of this page.
First, configure your DSR ecosystem by enrolling datastores and third party integrations:
Enrollment - Enroll specific tables that should be subject to deletion or access requests. Optionally, enroll date-sharded tables to propagate deletions to future tables.
Integrations - Set up each 3rd party integration like Stripe, Hubspot, or Mailchimp in order to process deletion and access requests, and limit what sorts of requests can be performed on each.
Webhooks - Create webhooks to Post access and deletion requests to services without integrations or custom data stores.
Identifiers - Detail unique identifiers to enable deletion requests for company or industry-specific identity references.
Settings - Configure DSR Customizations, emails to vendors where automation is not supported, and Slack notifications.
Then, process your request:
Submit - Return to the Requests tab, and submit a new DSR request. Input the request type and identifiers and click submit.
Tasks - In each subtab, you're able to click into a request to view which table or integration is currently being processed, when each succeeds, and which, if any, failed.
Regulatory DSR requirements
United States DSRs
| Framework | Time to Reply (days) | Extension (days) |
|---|---|---|
CA - CCPA & CPRA | 25 | 25 |
VA - CDPA | 45 | 45 |
CO - CPA | 45 | 45 |
UT - UCPA | 45 | 45 |
TX - TDPSA | 45 | 45 |
MO - MTCDPA | 45 | 45 |
CT - CTDPA | 45 | 45 |
OR - OCPA | 45 | 45 |
IA - ICDPA | 90 | 45 |
International DSRs
| Framework | Time to Reply (days) | Extension (days) |
|---|---|---|
EU - GDPR | 28 | 61 |
BR - LGPD | "Immediately" | 15 |
UK - GDPR & DPA | ~28 | 61 |
JP - APPI | "Without delay" | |
CA - PIPEDA | ~30 | |
AU - Cth & APPs | ~30 | |
SG - PDPA | 30 |
Last updated